Cloudmark continues to see spam advertising an upgrade to Adobe Acrobat Reader.
Links contained within emails with the subject line “Action required : Upgrade New Adobe Acrobat Reader For Your PC” do not lead you to an official Adobe website. The message may seem legitimate to the unknowing recipient since the URLs in spam and the initial landing page contain the word “adobe” in the domain. Similar to the campaign outlined by MX Lab in September 2010, the links take you to malicious web sites asking for your credit card information.
Once you click on the “Download Now” button, you are redirected to secureonlineweb.su to provide your contact information and your credit card details.
Our samples, as well as reports elsewhere, show this scam being sent by otherwise legitimate ESPs (Email Service Providers) – as noted by MX Lab, Mailchimp has been victimized this way in the past, Exact Target was a source earlier this month, and the current batch of scam spam is coming from Silverpop.